Compared to a decade ago, web browsers have vital importance for the enterprise world. Following the introduction of HTML5, platform-dependent applications such as Java or Adobe Flash have been replaced with sophisticated corporate level SaaS applications. Being at the center of the enterprise workflow, browsers are now an undetachable part of endpoint devices or, simply they are the endpoint itself. The problem is, they are not designed to be manageable tools as enterprise ecosystem required and they can’t be air-gapped in conventional ways due to their importance. Therefore enterprises have to face the challenges of them:

• Since traditional browsers are vulnerable by themselves, enterprises invest more and more to endpoint security to mitigate risks. It increases the management complexity which costs human labor and time

• Data loss through the unintentional actions of the end-users is a primary problem. Any conventional browser used for personal purposes is an attack surface for corporate data breaches. When users have access to business applications through the same browser they use for social media or personal e-mail, corporate accounts can be compromised as well as personal accounts by complex attacks starting from un-monitored sources.

• The attack surface can get even larger with the browser extensions installed from unknown sources.

• Another threat is intentional attacks performed by the insider actors. Any un-monitored browser can be used to transfer confidential data through personal e-mail or cloud storage.

Modern browsers are not designed to meet the needs of enterprise-level cybersecurity, solution is manageable sandboxed browsers:

DefensX Virtual Browser service is a manageable and risk-free endpoint solution meeting the security requirements of a modern enterprise

• Thanks to isolation, there is zero-risk of malicious code to infect the user operating system and then spread to the enterprise network. Advanced phishing attacks, malware, and ransomware are all contained isolated in remote servers.

• DefensX policy engine could seamlessly integrate with the local or cloud policy servers, enabling full control over browsing sessions in real-time.

• IT admins could also create new rules on DefensX policy engine and centrally assign them to user roles.